Known Vulnerabilities for Application Server Portal by Oracle

Listed below are 6 of the newest known vulnerabilities associated with "Application Server Portal" by "Oracle".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-33525 Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SS... Not Provided 2026-03-26 2026-03-30
CVE-2008-2138 Oracle Application Server (OracleAS) Portal 10g allows remote attackers to bypass intended access restrictions and read the c... 5 - MEDIUM 2008-05-12 2018-10-11
CVE-2007-1506 Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote atta... 4.3 - MEDIUM 2007-03-19 2018-10-16
CVE-2006-6699 Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and possibly other versions allow remote attackers to inject a... 5 - MEDIUM 2006-12-23 2018-10-17
CVE-2006-6697 CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g and earlier, including 9.0.2, allows remote atta... 7.5 - HIGH 2006-12-22 2018-10-17
CVE-2004-1707 The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to... 7.2 - HIGH 2004-07-30 2017-07-11
CVE-2003-1193 Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML comp... 7.5 - HIGH 2003-11-03 2017-07-11

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationOracleApplication Server Portal9.0.2.3bAllAllAll
ApplicationOracleApplication Server Portal9.0.2.3aAllAllAll
ApplicationOracleApplication Server Portal9.0.2.3AllAllAll
ApplicationOracleApplication Server Portal9.0.2AllAllAll
ApplicationOracleApplication Server Portal3.0.9.8.5AllAllAll
ApplicationOracleApplication Server Portal-AllAllAll
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report